
What Are My Responsibilities to My Members?

When a customer becomes a Member of your business through Facilipay, you take on certain responsibilities for how their personal data is handled and protected. This article explains what those responsibilities involve.

What It Means to Be a Data Controller

As a business that collects Member information, you are usually considered a Data Controller — meaning you decide why and how personal data is processed. This includes:

  • Collecting and storing customer data (e.g. name, email, phone number)
  • Using that data to provide services such as loyalty, gift cards, and marketing
  • Ensuring that data is kept secure and only used for its intended purpose

Data protection laws (such as GDPR in Europe and similar regulations elsewhere) set out specific requirements for how personal data is handled. You should check with your national Information Commissioner or legal counsel to understand the obligations that apply to you.


Allow Members to Enter Their Own Details

When a customer becomes a Member, allow them to enter their own information. This:

  • Reduces data entry errors
  • Ensures the customer can directly consent to your Privacy Statement and Terms
  • Captures accurate contact information for future communication

This approach also aligns with the principles of transparency and consent under most privacy laws.


Protect Member Data

Protecting Member data should be a priority for your business. Make sure you:

  • Ensure your systems and any third-party tools do not expose or sell Member information
  • Check that any integrations you use handle data securely and in line with privacy standards
  • Limit access to Member data to authorised staff only

Sharing Member data with insecure or unrelated third parties may breach your Terms and damage customer trust.


Use Strong Cybersecurity Practices

Basic security measures help keep Member data safe:

  • Use complex, unique passwords for any system that accesses customer data
  • Make sure your website and membership forms use HTTPS, especially where customers submit personal information
  • Keep your systems up to date with security patches and active monitoring

If you become aware of a security concern, report it to Facilipay promptly so we can support and protect your Members.


Handling Member Data Requests

Members may ask for access to the personal information you hold about them — for example, name, email, phone, or transaction history. Facilipay provides tools in the Business Portal to view and export customer data if needed for lawful requests.

If a Member requests deletion of their data, follow the legal requirements that apply in your region. In some cases this may require contacting Facilipay Support so the request can be processed appropriately.


Tips & Best Practices

  • Obtain consent: Be clear about what data you are collecting and how it will be used, and capture consent at the point of collection.

  • Train your staff: Make sure team members understand basic data protection practices and access controls.

  • Document your policies: Keep written records of how you handle data — this supports compliance and transparency.

  • Use secure third-party integrations: Only connect tools that handle data securely, and review their privacy practices regularly.